DescriptionHost-side third party token validation
This creates a TokenValidator implementation on the host, that upon receiving a token:
Signs the token with its private key.
Uses URLFetcher to request the exchange of the token for a secret from the Token Validation URL.
On receiving a reply, checks that the scope in the reply matches the one required for this connection.
Uses the callback to send the shared_token back to the authentication layer.
(The server will authenticate the host by checking that the token signature matches the host public key that the client included in the token request)
BUG=115899
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=192701
Patch Set 1 #
Total comments: 48
Patch Set 2 : Reviewer comments #Patch Set 3 : Reviewer comments #
Total comments: 1
Patch Set 4 : Make TokenValidatorFactory global #Patch Set 5 : Add missing parameters #
Total comments: 28
Patch Set 6 : Reviewer comments #
Total comments: 19
Patch Set 7 : Reviewer comments #
Total comments: 1
Patch Set 8 : Add TODO comment #Messages
Total messages: 19 (0 generated)
|